Opened 12 years ago

Closed 12 years ago

#367 closed defect (fixed)

Security: GetFdoCachInfo exposes plain text passwords alongside user Ids

Reported by: stevedang Owned by: stevedang
Priority: medium Milestone: 2.0
Component: Server Version: 2.0.0
Severity: major Keywords:
Cc: External ID: 1010319


Using the Web Tier test pages the GetFdoCachInfo? page exposes plain test passwords alongside their corresponding user id for database connections. For security reasons we should remove the password from the results.

Change History (2)

comment:1 Changed 12 years ago by stevedang

Status: newassigned

comment:2 Changed 12 years ago by stevedang

Resolution: fixed
Status: assignedclosed
Note: See TracTickets for help on using tickets.